Share
## https://sploitus.com/exploit?id=165484B6-0DE7-5236-9E96-FD03E6F0986D
# CVE-2026-42980 Public Disclosure

This repository contains the public disclosure material for **CVE-2026-42980**, a Windows kernel WMI integer-underflow vulnerability that can be exploited for local privilege escalation to `NT AUTHORITY\SYSTEM` on vulnerable lab builds.

![SYSTEM shell proof](assets/photo-poc-system.jpg)

## Full write-up

- [English article](writeup-en.md)
- [Artículo en español](writeup-es.md)

## Repository layout

```text
public/
  README.md
  README.es.md
  writeup-en.md
  writeup-es.md
  build.ps1
  Makefile
  src/
    cve_2026_42980_lpe.c
    helpers.c
    wmi_guids.h
  assets/
    photo-poc-system.jpg
```

## Build

Requirements:

- Windows
- Visual Studio Build Tools with MSVC x64
- PowerShell

Build with:

```powershell
powershell -NoProfile -ExecutionPolicy Bypass -File .\build.ps1
```

Or:

```cmd
nmake /f Makefile
```

The binary is generated at:

```text
build\poc.exe
```

## Safety notice

This code is provided for education, defensive research, and authorized testing only. Run it exclusively in isolated lab systems you own or are explicitly permitted to test.